Access "Enforcing endpoint security"
This article is part of the January/February 2011 issue of Cloud initiatives are changing roles for information security managers
Malware-infested, non-compliant endpoints can bring even a well-secured network to its knees unless steps are taken to assess and prevent damage. Checking the health and posture of every IP-enabled device connected to a network then taking action to enforce compliance may be a simple concept, but deployment can be tricky. According to Forrester Research, 40 percent of enterprises have started network access control (NAC) initiatives in which endpoint integrity can play a role, but only four percent have completed them. Many promising projects are abandoned, victims of overly-ambitious goals, ineffective implementations, or inter-organizational struggles. So what does it take to plan, implement, and maintain a practical-yet-effective endpoint integrity enforcement program? We asked several adopters about their experiences to uncover the secrets to success and pitfalls to avoid. These diverse implementations served varied populations but all employed some essential best practices. (see below). BEST PRACTICES Organizations offer nine tips for successful ... Access >>>
Premium Content for Free.
Information security roles growing in influence
Information security managers are getting more of a say in enterprise cloud initiatives and mobile device projects.
The state of critical infrastructure security
Stuxnet put the spotlight on critical infrastructure protection but will efforts to improve SCADA security come too late?
- Information security roles growing in influence
Enforcing endpoint security
by Lisa Phifer, Contributor
Enforcing endpoint security requires careful planning and deployment.
- Enforcing endpoint security by Lisa Phifer, Contributor
Schneier-Ranum Face-Off on whitelisting and blacklisting
Security experts Bruce Schneier and Marcus Ranum debate whether network security should be based on whitelisting or blacklisting.
The penetration tester is alive and well
Automation hasn't killed the penetration tester – yet.
Old information security challenges persist
by Dave Shackleford
A look back at articles from the past shows that the same information security problems persist today.
- Schneier-Ranum Face-Off on whitelisting and blacklisting
More Premium Content Accessible For Free
Devising a security strategy for the modern network
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...
The big data challenge: What's in store for NoSQL security
In the rush to capitalize on big data, many companies forget that developing an ecosystem of structured and unstructured data means higher risk of ...
A comprehensive guide to securing the Internet of Things
As the number of Internet-connected devices grows, the potential security challenges of the so-called "Internet of Things," or IoT, can no longer be ...